Dan Veditz

@dveditz@infosec.exchange
492 Followers
788 Following
620 Posts
Mozilla Firefox security
Show threadDan VeditzJun 19

@jeromecoupe @keithamus

Good news: anchor positioning, view transitions, and @scope are all part of Interop-2025 and we're hard at work on them

https://wpt.fyi/interop-2025

web-platform-tests dashboard

Show threadDan VeditzJun 19

@oli
You can move it to the right side if you want 🙃

(yes, you can turn it all the way off, too)

Show threadDan VeditzJun 19
@mattblaze
And some professors write a whole book about bullshit
https://en.wikipedia.org/wiki/On_Bullshit
On Bullshit - Wikipedia

Dan VeditzJun 17
Graham CluleyJun 16

💥 The ransomware vs insurance company playbook 💥

1. Ransomware gang infects insurance company, but DOESN'T install ransomware. Instead it steals information about insurance company's clients, learns which have cyberinsurance, and how much insurance cover they have.

2. Gang takes list of insured companies and goes through it - it's a rolodex of ransomware - infecting each one with ransomware. They tell the victims that they know how much cyberinsurance they have, and suggest they pay up PDQ

Show threadDan VeditzJun 15
@Gargron
Sometimes they aren't even impersonators, just groups from different parts of the world with the same idea for a name, neither big enough to be known much outside their region.
Show threadDan VeditzJun 14

@karlauerbach @joebeone

ISRG was formed to combine complementary efforts by Mozilla and EFF/UoM.

https://en.m.wikipedia.org/wiki/Let%27s_Encrypt#History

More than you want to know about it's history, the ACME protocol, and impact on getting rid of insecure web traffic in this 2019 paper
https://dl.acm.org/doi/pdf/10.1145/3319535.3363192

Let's Encrypt - Wikipedia

Show threadDan VeditzJun 13

@tante

I tried the latest Release and nightly versions on Mac and the protocol copied as expected. Do you have any unusual customizations?

I prefer to disable trimURLs anyway, but being able to edit and copy the full URL on interaction is an important part of the display trimming!

@freddy @timbray

Show threadDan VeditzJun 10

@mav
PDF.js is open source and can definitely fill out forms. Not sure what you mean by annotations but you can highlight or scribble on the document. It's made to run on a web server, but it's also the heart of the Firefox PDF viewer so someone should be able to wrap it as a mobile app.

https://github.com/mozilla/pdf.js

GitHub - mozilla/pdf.js: PDF Reader in JavaScript

PDF Reader in JavaScript. Contribute to mozilla/pdf.js development by creating an account on GitHub.

GitHub
Dan VeditzJun 10
mhoyeJun 10
I laughed. Yeah, it's like that at times.
Show threadDan VeditzJun 6
@jrconlin
I am surprised there is this level of popular interest in bitwise operators.
×
Graham CluleyJun 16

💥 The ransomware vs insurance company playbook 💥

1. Ransomware gang infects insurance company, but DOESN'T install ransomware. Instead it steals information about insurance company's clients, learns which have cyberinsurance, and how much insurance cover they have.

2. Gang takes list of insured companies and goes through it - it's a rolodex of ransomware - infecting each one with ransomware. They tell the victims that they know how much cyberinsurance they have, and suggest they pay up PDQ

Show threadGraham CluleyJun 16

3. Once gang has gone through the entire list, it goes back to where it began - with the original hacked insurance company, and installs its ransomware there too.

4. Gang finds a new insurance company to hack, and so it continues...

By the way, ransomware gangs are already doing this...

Show threadPhil Ashby  🍵Jun 16
@gcluley possibly even more effective if they start with a big broker company.. adding to the risk model when I'm in the office tomorrow!